Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
left_arrow
February 2008
 right_arrow
Su M Tu W Th F Sa
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    February 26, 2008 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    February 26Microsoft Windows CE Trojan
    February 25VMware Releases Security Alert
    February 22Novell iPrint Client Vulnerability
    February 21BEA Releases Security Advisories for Vulnerabilities
    February 21EMC RepliStor Vulnerabilities
    February 21Lunar Eclipse Email Attack
    February 21Symantec Veritas Storage Foundation Update
    February 18Mozilla Firefox and Opera Vulnerability
    February 15Public Exploit Code for Microsoft Works Vulnerabilities
    February 14Email Attacks Circulating


    Microsoft Windows CE Trojan

    added February 26, 2008 at 10:04 am

    US-CERT is aware of reports of a trojan that affects Microsoft Windows CE. This trojan disables Windows Mobile application installation security.

    The trojan may take any or all of the following actions on the mobile device:

    • spreads via seemingly legitimate application installation files
    • installs as an autorun program on the memory card
    • installs itself to the device when an infected memory card is inserted
    • protects itself from deletion by copying itself back to disk
    • replaces the browser's homepage
    • allows unsigned applications to install without warning
    US-CERT encourages users to take the following preventative measures to help mitigate the security risks:
    • Install anti-virus software on the mobile device, and keep its virus signature files up-to-date.
    • Use caution when downloading and installing applications.
    US-CERT will continue to provide more information as it becomes available.


    VMware Releases Security Alert

    added February 25, 2008 at 09:07 am

    VMware has released a security alert in response to a vulnerability in Windows-hosted VMware Workstation, VMware Player, and VMware ACE. This vulnerability exists in the host-to-guest shared folders feature and allows applications running in the guest operating system to access the host operating system's file system. Exploitation of this vulnerability may allow an attacker to circumvent the controls on the guest system and gain read and write access to the host file system.

    US-CERT encourages users to review VMware knowledge base article 1004034 and apply the workarounds.

    US-CERT will provide additional information as it becomes available.


    Novell iPrint Client Vulnerability

    added February 22, 2008 at 08:02 am

    Novell has released an update to address a vulnerability in iPrint Client for Windows.  This vulnerability is due to a buffer overflow in the"ExecuteRequest()" method of the "ienipp.ocx" ActiveX control. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

    US-CERT encourages users to review Novell document 5008420 and apply the appropriate update for their system.

    US-CERT will provide more information as it becomes available.


    BEA Releases Security Advisories for Vulnerabilities

    added February 21, 2008 at 02:51 pm

    BEA has released multiple security advisories to address vulnerabilities in WebLogic, AquaLogic and Plumtree.  These vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, elevate privileges, and obtain sensitive information.

    US-CERT encourages users to review the BEA security advisories and apply any necessary updates.

    US-CERT will provide more information as it becomes available.


    EMC RepliStor Vulnerabilities

    added February 21, 2008 at 02:46 pm

    US-CERT is aware of reports of multiple vulnerabilities affecting EMC RepliStor. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code on an affected system.

    US-CERT encourages users to review the EMC knowledge base article emc179808 (login required) and apply any necessary updates.

    US-CERT will provide more information as it becomes available.


    Lunar Eclipse Email Attack

    added February 21, 2008 at 12:56 pm

    US-CERT is aware of an email attack circulating that is related to the recent lunar eclipse.  The email contains a message indicating that there is a video of  the lunar eclipse available and instructs users to follow a link to download the video.  If a user clicks on this link, an executable file will be downloaded that contains a Trojan program. This Trojan program may allow an attacker to take control of an affected system.

    US-CERT encourages users to take the following preventative measures to mitigate the security risks:


    Symantec Veritas Storage Foundation Update

    added February 21, 2008 at 12:55 pm

    Symantec has released an update for Veritas Storage Foundation to address a vulnerability.  This vulnerability is caused by packet handling errors in the Symantec VEA administrative service. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code, cause a denial-of-service condition, escalate privileges.

    US-CERT encourages users to review Symantec Security Advisory SYM08-005 and apply any necessary updates.

    US-CERT will provide more information as it becomes available.


    Mozilla Firefox and Opera Vulnerability

    added February 18, 2008 at 03:34 pm

    US-CERT is aware of public reports of a vulnerability in Mozilla Firefox and Opera web browsers.  This vulnerability is caused by improper handling of bitmap image files (.bmp). By sending a specially crafted bitmap image file to the browser, an attacker may be able to obtain sensitive information or cause a denial-of-service condition.

    US-CERT encourages Mozilla Firefox users to upgrade to Firefox 2.0.0.12 and Opera users to upgrade to Opera 9.25.

    US-CERT will provide more information as it becomes available.


    Public Exploit Code for Microsoft Works Vulnerabilities

    added February 15, 2008 at 08:37 am

    US-CERT is aware of reports of publicly available exploit code for vulnerabilities in Microsoft Works 6 File Converter. By convincing a user to open a specially crafted Works file, an attacker may be able to execute arbitrary code on an affected system. This vulnerability was addressed in Microsoft Security Bulletin MS08-011.

    US-CERT reminds users to review Microsoft Security Bulletin MS08-011 and apply any necessary updates or workarounds. 


    Email Attacks Circulating

    added February 14, 2008 at 03:27 pm

    US-CERT is aware of reports of several email attacks circulating.

    The first of these attacks is related to the U.S. presidential election. The email contains a message indicating that there is a video of a candidate interview available and instructs users to follow a link to download the video. If a user clicks on this link, an executable file will be downloaded that contains the Trojan "Trojan.Srizbi."

    The second attack is a phishing scam related to the U.S. Internal Revenue Service. Messages promising faster or larger refunds may request that users provide personal information or may contain links to phishing websites.

    US-CERT encourages users to take the following preventative measures to mitigate the security risks: